Microsoft Announces the First Security Update for Windows 8

Windows 8 has been available for two weeks, but is already scheduled to receive its first security update on November 13. Two critical updates will be delivered for Windows 8 while one each will be delivered for Windows 8 RT (for the Microsoft Surface) and Windows Server 2012.

The software patches address system vulnerabilities that allow hacker to execute malicious code remotely and a malware to affect a system’s integrity. Other released updates are available for Windows 7, Vista and XP as well as Internet Explorer.

Meanwhile, Romanian security firm Bitdefender announced on Friday that PCs using Microsoft’s Windows Defender anti-malware protection, was “prone to infection” by 15% of the 100 malware “families most used by cyber criminals this year.” In other words, Windows Defender, a part of the Windows OS, was only 85% effective.

Bitdefender statement continued:

The malware that successfully bypassed Windows Defender was capable of granting backdoor access to the system, intercepting keystrokes, stealing online games credentials, and more.

When tested without Windows Defender activated, the results were worse. Of the 385 samples, 234 ran successfully. Another 138 samples could not be started on the machine on various reasons, six e-threats executed but then crashed, and seven others launched but had their payload was blocked by UAC (User Account Control).

NBC News contacted Microsoft for comment about Bitdefender’s study. “Microsoft is committed to providing a trustworthy computing experience and continues to invest heavily in continuously improving our security and protection technologies,” a company spokesman said in an emailed statement.

Bitdefender said the malicious sample set it used “consisted of the families of malware detected most frequently in the past six months” by its own real-time virus reporting system.

The malware that successfully bypassed Windows Defender was capable of granting backdoor access to the system, intercepting keystrokes, stealing online games credentials, and more.

When tested without Windows Defender activated, the results were worse. Of the 385 samples, 234 ran successfully. Another 138 samples could not be started on the machine on various reasons, six e-threats executed but then crashed, and seven others launched but had their payload was blocked by UAC (User Account Control).

“Even if the new operating system boasts a major overhaul in terms of visuals with the introduction of the Advanced UI, Windows 8 with the default antivirus solution activated registers alarming detections rates similar to the one registered by Windows 7,” said Alexandru Balan, Bitdefender chief security researcher, said in a statement.

Bitdefender insists therefore that additional third-party protection for user PCs, such as its own solution, is a must for users to avoid compromised systems.